int
iasecc_sm_delete_file(struct sc_card *card, unsigned se_num, unsigned int file_id)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "SM delete file: SE#:%X, file-id:%X", se_num, file_id);
rv = iasecc_sm_initialize(card, se_num, SM_CMD_FILE_DELETE);
LOG_TEST_RET(ctx, rv, "iasecc_sm_delete_file() SM INITIALIZE failed");
sm_info->cmd_data = (void *)file_id;
sc_remote_data_init(&rdata);
rv = iasecc_sm_cmd(card, &rdata);
LOG_TEST_RET(ctx, rv, "iasecc_sm_delete_file() SM 'FILE DELETE' failed");
rv = sm_release (card, &rdata, NULL, 0);
LOG_TEST_RET(ctx, rv, "iasecc_sm_delete_file() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, rv);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}
int
iasecc_sm_create_file(struct sc_card *card, unsigned se_num, unsigned char *fcp, size_t fcp_len)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
struct iasecc_sm_cmd_create_file cmd_data;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "iasecc_sm_create_file() SE#%i, fcp(%i) '%s'", se_num, fcp_len, sc_dump_hex(fcp, fcp_len));
rv = iasecc_sm_initialize(card, se_num, SM_CMD_FILE_CREATE);
LOG_TEST_RET(ctx, rv, "iasecc_sm_create_file() SM INITIALIZE failed");
cmd_data.data = fcp;
cmd_data.size = fcp_len;
sm_info->cmd_data = &cmd_data;
sc_remote_data_init(&rdata);
rv= iasecc_sm_cmd(card, &rdata);
LOG_TEST_RET(ctx, rv, "iasecc_sm_create_file() SM 'UPDATE BINARY' failed");
rv = sm_release (card, &rdata, NULL, 0);
LOG_TEST_RET(ctx, rv, "iasecc_sm_create_file() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, rv);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}
int
iasecc_sm_pin_reset(struct sc_card *card, unsigned se_num, struct sc_pin_cmd_data *data)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "iasecc_sm_pin_reset() SE#%i, PIN(ref:%i,len:%i)", se_num, data->pin_reference, data->pin2.len);
rv = iasecc_sm_initialize(card, se_num, SM_CMD_PIN_RESET);
LOG_TEST_RET(ctx, rv, "iasecc_sm_pin_reset() SM INITIALIZE failed");
sm_info->cmd_data = data;
sc_remote_data_init(&rdata);
rv = iasecc_sm_cmd(card, &rdata);
LOG_TEST_RET(ctx, rv, "iasecc_sm_pin_reset() SM 'PIN RESET' failed");
rv = sm_release (card, &rdata, NULL, 0);
LOG_TEST_RET(ctx, rv, "iasecc_sm_pin_reset() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, rv);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}
int
iasecc_sm_sdo_update(struct sc_card *card, unsigned se_num, struct iasecc_sdo_update *update)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "iasecc_sm_sdo_update() SE#%i, SDO(class:0x%X,ref:%i)", se_num, update->sdo_class, update->sdo_ref);
rv = iasecc_sm_initialize(card, se_num, SM_CMD_SDO_UPDATE);
LOG_TEST_RET(ctx, rv, "iasecc_sm_sdo_update() SM INITIALIZE failed");
sc_log(ctx, "current DF '%s'", sc_print_path(&sm_info->current_path_df));
sm_info->cmd_data = update;
sc_remote_data_init(&rdata);
rv = iasecc_sm_cmd(card, &rdata);
LOG_TEST_RET(ctx, rv, "iasecc_sm_sdo_update() SM 'SDO UPDATE' failed");
rv = sm_release (card, &rdata, NULL, 0);
LOG_TEST_RET(ctx, rv, "iasecc_sm_sdo_update() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, rv);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}
int
iasecc_sm_pin_verify(struct sc_card *card, unsigned se_num, struct sc_pin_cmd_data *data, int *tries_left)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "iasecc_sm_pin_verify() SE#%i, PIN(ref:%i,len:%i)", se_num, data->pin_reference, data->pin1.len);
rv = iasecc_sm_initialize(card, se_num, SM_CMD_PIN_VERIFY);
LOG_TEST_RET(ctx, rv, "iasecc_sm_pin_verify() SM INITIALIZE failed");
sm_info->cmd_data = data;
sc_remote_data_init(&rdata);
rv = iasecc_sm_cmd(card, &rdata);
if (rv && rdata.length && tries_left)
if (rdata.data->apdu.sw1 == 0x63 && (rdata.data->apdu.sw2 & 0xF0) == 0xC0)
*tries_left = rdata.data->apdu.sw2 & 0x0F;
LOG_TEST_RET(ctx, rv, "iasecc_sm_pin_verify() SM 'PIN VERIFY' failed");
rv = sm_release (card, &rdata, NULL, 0);
LOG_TEST_RET(ctx, rv, "iasecc_sm_pin_verify() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, rv);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}
int
iasecc_sm_rsa_update(struct sc_card *card, unsigned se_num, struct iasecc_sdo_rsa_update *udata)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "SM update RSA: SE#: 0x%X, SDO(class:0x%X:ref:%X)", se_num,
udata->sdo_prv_key->sdo_class, udata->sdo_prv_key->sdo_ref);
rv = iasecc_sm_initialize(card, se_num, SM_CMD_RSA_UPDATE);
LOG_TEST_RET(ctx, rv, "iasecc_sm_rsa_update() SM initialize failed");
sm_info->cmd_data = udata;
sc_remote_data_init(&rdata);
rv = iasecc_sm_cmd(card, &rdata);
LOG_TEST_RET(ctx, rv, "iasecc_sm_rsa_update() SM cmd failed");
rv = sm_release (card, &rdata, NULL, 0);
LOG_TEST_RET(ctx, rv, "iasecc_sm_rsa_update() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, rv);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}
int
iasecc_sm_update_binary(struct sc_card *card, unsigned se_num, size_t offs,
const unsigned char *buff, size_t count)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
struct iasecc_sm_cmd_update_binary cmd_data;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx,
"SM update binary: acl:%X, offs:%"SC_FORMAT_LEN_SIZE_T"u, count:%"SC_FORMAT_LEN_SIZE_T"u",
se_num, offs, count);
rv = iasecc_sm_initialize(card, se_num, SM_CMD_FILE_UPDATE);
LOG_TEST_RET(ctx, rv, "iasecc_sm_update_binary() SM INITIALIZE failed");
cmd_data.offs = offs;
cmd_data.count = count;
cmd_data.data = buff;
sm_info->cmd_data = &cmd_data;
sc_remote_data_init(&rdata);
rv = iasecc_sm_cmd(card, &rdata);
LOG_TEST_RET(ctx, rv, "iasecc_sm_update_binary() SM 'UPDATE BINARY' failed");
rv = sm_release (card, &rdata, NULL, 0);
LOG_TEST_RET(ctx, rv, "iasecc_sm_update_binary() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, count);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}
int
iasecc_sm_read_binary(struct sc_card *card, unsigned se_num, size_t offs, unsigned char *buff, size_t count)
{
struct sc_context *ctx = card->ctx;
#ifdef ENABLE_SM
struct sm_info *sm_info = &card->sm_ctx.info;
struct sc_remote_data rdata;
struct iasecc_sm_cmd_update_binary cmd_data;
int rv;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "SM read binary: acl:%X, offs:%i, count:%i", se_num, offs, count);
rv = iasecc_sm_initialize(card, se_num, SM_CMD_FILE_READ);
LOG_TEST_RET(ctx, rv, "iasecc_sm_read_binary() SM INITIALIZE failed");
cmd_data.offs = offs;
cmd_data.count = count;
sm_info->cmd_data = &cmd_data;
sc_remote_data_init(&rdata);
rv = iasecc_sm_cmd(card, &rdata);
LOG_TEST_RET(ctx, rv, "iasecc_sm_read_binary() SM 'READ BINARY' failed");
sc_log(ctx, "IAS/ECC decode answer() rdata length %i", rdata.length);
rv = sm_release (card, &rdata, buff, count);
LOG_TEST_RET(ctx, rv, "iasecc_sm_read_binary() SM release failed");
rdata.free(&rdata);
LOG_FUNC_RETURN(ctx, rv);
#else
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "built without support of Secure-Messaging");
return SC_ERROR_NOT_SUPPORTED;
#endif
}